New issue
Advanced search Search tips

Issue 668818 link

Starred by 1 user
Status: WontFix
Owner: ----
Closed: Nov 2016
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security



Sign in to add a comment

Security: Hi i just realized a big bug that i am going to report please see description

Reported by wabba...@gmail.com, Nov 26 2016 
Hello good day this is the first time i am reporting any bug, i am a software developer. Recently after a research i came to know about a severe bug that i am going to share with you. Its specially related to your website google.com.

I have heard that many people are scamming people by sending them emails with domain name of google. I know google cant do that so i made a research and came to know there is a bug in URL bar that anyone can adopt and scam people.

If we open this domain ɢoogle.com or ɢoogle.com/trump, it will show a russian hacker page that shows political info and anyone who will open can trust that its actual google.com page but its not. So millions of people are affected by this url so please take action about that character that comes at start "ɢ".

Let me know by email what do you think thanks

Comment 1 by wabba...@gmail.com, Nov 26 2016 

Same happen on every browser and i am also going to tell them thanks

Comment 2 by wabba...@gmail.com, Nov 26 2016 

Just to mention that i am mentioning this bug for your product (GOOGLE CHROME)

Comment 3 by wabba...@gmail.com, Nov 26 2016 

In simple we can scam people for any website that starts with letter (g) or it comes in between. The only problem is character (ɢ)

thanks

Comment 4 by dominickn@chromium.org, Nov 26 2016

Status: WontFix (was: Unconfirmed)
Thanks for this. We know that non-ASCII characters in URLs are an issue, however, our general mitigation for this is to report the site at https://www.google.com/safebrowsing/report_phish/. It's very difficult to catch these at the browser level, which is why we have the Safe Browsing service to do it for us. :)

Comment 5 by wabba...@gmail.com, Nov 27 2016 

Thats insane ... i never seen anyone have reported that and that is behind USA elections , millions of emails are coming from ɢoogle.com , g as ascii , its ok if you people dont want to pay bud bounty money ... thanks
Project Member

Comment 6 by sheriffbot@chromium.org, Mar 5 2017

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment